OT Security Engineer
Trans Bay Cable (Energy Infrastructure Subsidiary of NextEra Energy)
- Integrated and enforced Purdue Model network segmentation protecting OT/ICS assets, reducing lateral movement risk between operational and corporate environments.
- Deployed and administered Check Point firewalls managing 250+ rules and RBAC policies to enforce segmentation aligned with NERC CIP requirements across IT/OT environments.
- Maintained NERC CIP-aligned firewall rule governance to support audit evidence and compliance reviews.
- Supported implementation of Dragos to enhance OT-specific threat detection within segmented control and DMZ networks.
- Hardened the ICS Active Directory environment by enforcing least-privilege policies and restricting administrative access to critical control systems.
- Designed a secure remote execution pathway between segmented networks using Just Enough Administration (JEA) for PowerShell.
- Investigated and triaged SIEM alerts in Tripwire Log Center by correlating firewall, endpoint, and system logs, assessing severity and operational impact to validate or dismiss potential security threats.
- Deployed Trend Micro Apex One agents across ICS and DMZ networks, enhancing endpoint visibility and malware protection within segmented OT environments.